How Much Decomposition is Too Much, The Debate Between Complete PPs and PP-Configurations (A22c)

How Much Decomposition is Too Much, The Debate Between Complete PPs and PP-Configurations (A22c)

Today the MDFPP (as an example) is a fairly cohesive set if requirements about a device evaluation, but NIAP has started to break it into smaller components (basically a Base-PP and PP-Modules). While this approach seems to have its benefits in reuse of common components across multiple Base-PPs (such as GPOS), this leads to a question of balance and scope of the requirements for a product under evaluation. When a PP is written for a specific product type as a whole, it is generally easy to see how to balance the requirements to produce an evaluation that matches the product functionality and features in scope. When the PP is broken into PP-Modules, each with their own focus, it becomes more difficult to maintain this balance to the end product under review. As each PP-Module becomes its own entity, it tends to drive focus specifically on that one component (for example Wi-Fi requirements), and while individually the scope may seem appropriate, when placed within the context of the Base-PP (of overall PP-Configuration), these smaller components may cause the overall balance of the evaluation to be lost. This talk will look at the benefits and tradeoffs between both approaches and where it may be useful to keep a PP together vs relying on PP-Modules or Packages.

About ICCC

The International Common Criteria Conference is produced by Cnxtd Inc. Event Media Services and presented with the support of the Common Criteria Users’ Forum. The CCUF provides a voice and communications channel between the CC community and the Common Criteria organizational committees, CCRA member organizations (national schemes), and policy makers. Join the CCUF at www.ccusersforum.org